Fueled in part by the explosion in use of mobile telephones, Android devices are becoming the most popular intelligent device in the world. Currently, the Android operating system is the worlds most widely used smartphone platform and the operating system is also being used in a host of other electronic devices. In addition to the commonly recognized Android mobile telephones, Android devices (running the Android operating system) also include other mobile devices such as tablet computers, laptop computers, cameras, electronic readers, as well as many other electronic devices such as game playing consoles, desktop computers, car computers, televisions, etc.
Android is a Linux-based operating system and while most of its software applications are written in a custom version of the Java programming language, applications may also be written in the C and C++ languages. Even support for simple C and SDL applications may be made possible by minor modifications to its operating system. As with most other mobile telephone applications, these Android applications are written primarily by independent developers and the number of Android applications is growing very fast. For example, it is believed that the number of applications available on Google Play reached 900,000 as of April, 2013 and will reach 1,000,000 applications as of June of 2013. Android applications may also be obtained from developers directly.
Not surprisingly, the number of malicious Android applications is increasing as well. The antivirus software company Trend Micro, Inc. identified 25,000 Android malware samples in the second quarter of 2012, more than double the prediction of 11,000, and more than four times the 6,000 malware samples found in the previous quarter. Malicious software includes software that sends text messages from infected telephones to premium-rate telephone numbers, displaying intrusive advertisements on the device, sending personal information to unauthorized third parties, etc. While a variety of antivirus software companies have released antivirus software for Android devices, this software can be ineffective because all Android applications (including the antivirus applications) run in a “sandbox” (an isolated area that does not have access to many of the operating system's resources), thus limiting the ability to scan the entire operating system for malicious software. In addition, a user may grant an application permission to perform operations outside of the sandbox, potentially allowing malicious software to create problems.
This dramatic increase in malware found within Android software applications is problematic. And even though malware scanners exist within the Google Play Web site and within the Android operating system itself, it is believed that many malware applications are not detected. Due to the sheer number of Android applications, and the number of new applications being developed monthly, techniques are desired to determine whether a given Android application includes malicious software or not.